COSCO Hit by Suspected Ransomware

Chinese shipping giant COSCO is said to have suffered a major ransomware-related outage affecting its Americas operations, although so far seems to be trying to minimize the potential news fall-out.

Reports from the trade press citing internal emails suggest the firm has been hit by ransomware in the US and is asking staff not to open suspicious emails.

However, an official statement from the stet-owned firm yesterday doesn’t mention malware as the cause.

“Due to local network breakdown within our America regions, local email and network telephone cannot work properly at the moment. For safety precautions, we have shut down the connections with other regions for further investigations,” it states.

“So far, all the vessels of our company are operating as normal, and our main business operation systems are performing stably. We are glad to inform you that we have taken effective measures. Except for above regions affected by the network problem, the business operation within all other regions will be recovered very soon.”

The ‘network breakdown’ also appears to have taken COSCO’s US website offline at the time of writing.

One report suggested that the firm had been forced to rely on the telephone to communicate with customers, slowing operations but not putting them completely out of action.

If the reports are true, they call to mind the NotPetya-related outage at Danish shipper Maersk, which resulted in an estimated $300m loss for the firm.

It’s another reminder of the potential impact ransomware can have, even on large organizations which should have a generous pot of revenue assigned to cybersecurity.

However, in general, reports of the malware to the FBI have decreased over the past year. The Bureau received only 1783 ransomware complaints in 2017, linked to losses of just $2.3m. That’s a sizeable drop from the 2673 reports it processed in 2016 and the 2453 from 2015.

With a 50 year history, COSCO is said to be the fourth largest shipper in the world.